I am very new to FreeBSD, so I know there is a simple answer to this: I have installed FreeBSD 4.8 Stable on a machine. The installation always runs like silk. I then begin locking down some of the machine's conf files, shut down unecessary daemons, etc. This includes setting permissions on unused suid/sgid binaries to 000. This process always works fine, and even after reboot, the binaries I have reduced permissions on stay reduced.
At some point in this process however, I get to cvsup, buildworld, and installworld. This process re-enables the old permissions on the files I so diligently locked down. I would expect there is a flag or include/exclude file somewhere I need to lookup to prevent cvsup from doing this in the first place, but like I said, I'm new. The problem I need help with though, is the fact that I cannot chmod 000 certain binaries after this process (for example: /usr/bin/rsh, /usr/bin/yppasswd, /usr/bin/ypchfn, etc.). The following occurs: # chmod 000 /usr/bin/rsh chmod: /usr/bin/rsh: Operation not permitted A listing of the file: # ll /usr/bin/rsh -r-sr-xr-x 1 root wheel 7980 Oct 26 07:36 /usr/bin/rsh I am logged in as root on the console. My cvs-supfile is very basic: *default host=cvsup8.FreeBSD.org *default base=/usr *default prefix=/usr *default release=cvs *default compress src-all tag=RELENG_4_8 ports-all tag=. What changes during installworld that prevents me from shutting these down again? If anyone needs more information, just let me know what you're looking for. Jim _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
